I've seen YAML maybe two times and have never used it. On 2024-10-22 15:44, Snyder, Alexander J wrote: > Ansible is YAML, so it's dead simple from the perspective of a PHP > Dev. > > -- > Thanks, > Alexander > > Sent from my Google Pixel 7 Pro > > On Tue, Oct 22, 2024, 15:35 wrote: > >> What is the learning curve for that? >> >> On 2024-10-22 15:09, Snyder, Alexander J wrote: >>> I think a lot of this could be made a lot easier with Ansible and >>> Jinja templates. >>> >>> -- >>> Thanks, >>> Alexander >>> >>> Sent from my Google Pixel 7 Pro >>> >>> On Tue, Oct 22, 2024, 13:39 Keith Smith via PLUG-discuss >>> wrote: >>> >>>> Thank You Everyone!! >>>> >>>> Seems the problem was I needed to uncomment >> "PasswordAuthentication >>>> yes". When creating a user with SSH ability. >>>> >>>> Keith >>>> >>>> On 2024-10-22 10:46, Rusty Carruth via PLUG-discuss wrote: >>>>> ChatGPT gave a more complete answer than I do below (the >> question >>>> was: >>>>> This person is using vhost, and thinks he wants to chroot to the >>>>> docroot of the vhost when the user logs in. What do you think of >>>> that?) >>>>> >>>>> (I never thought I'd be pointing people to an AI for answers! >> ;-) >>>>> >>>>> >>>>> On 10/22/24 10:42, Rusty Carruth via PLUG-discuss wrote: >>>>>> One thing I don't understand, below. >>>>>> >>>>>> On 10/22/24 10:25, Keith Smith via PLUG-discuss wrote: >>>>>>> Hi, >>>>>>> >>>>>>> I appreciate all the feedback. There is more to the story. >>>>>>> >>>>>>> .... >>>>>>> >>>>>>> The 3 things I think I need to accomplish: >>>>>>> >>>>>>> 1) Add a user and configure it to use SSH. >>>>>>> 2) Configure each vhost to use PHP-FPM. >>>>>>> 3) Limit the User to the docroot of it's virtual host. >>>>>>> (ChrootDirectory) >>>>>>> >>>>>> I don't understand # 3. Let me say what I think you said: you >>>> have >>>>>> (some number of) virtual machines. Or do you mean that thing >>>> that >>>>>> allows you to run more than one web address from the same IP >>>> address? >>>>>> In either case, why do you need to chroot to docroot? You do >>>> realize >>>>>> that docroot must then have EVERYTHING the user needs - all >>>> programs, >>>>>> all devices, everything. So you're going to need /dev, /bin, >>>>>> /usr/bin, and so forth or the user will be dead in the water >> with >>>> no >>>>>> commands - shoot, not even bash will be there to try to type >>>> commands! >>>>>> >>>>>> If you're doing the chroot already, and its failing, then >> that's >>>>>> probably because bash isn't there, nor is anything else you >>>> need... >>>>>> >>>>>>> I am using a clone of the LAMP server so I am going to remove >> it >>>> and >>>>>>> create another close and start by trying to create a use that >>>> has SSH >>>>>>> access and a home directory. >>>>>>> >>>>>> If you are using virtual machines, just clone it in the virtual >>>>>> machine - but then, I'm thinking you don't mean virtual >> machine, >>>> you >>>>>> mean that other thing :-) >>>>>>> Then I think I should work on limiting that user to the vhost >>>> that is >>>>>>> designated to work with. >>>>>>> >>>>>>> >>>>>> So, if you mean not virtual machine but that other thing, then >>>> you're >>>>>> either going to have to copy all the stuff I talk about above >> in >>>> to >>>>>> the docroot tree (which I still think will cause more problems >>>> than it >>>>>> will fix), or mount the stuff above inside the docroot, or >> figure >>>> out >>>>>> how to change permissions and ownership so that the user can >> only >>>> >>>>>> change the stuff in their docroot. Perhaps group ownership can >>>> save >>>>>> the day here, assuming you want ALL files in ALL web servers to >>>> be >>>>>> owned by whoever is running Apache, then create 2 or more >> groups, >>>> >>>>>> change all group ownership to the NON-User group, then >>>>>> >>>>>> change group ownership of all files in your docroot to the >> group >>>> of >>>>>> the user (obviously you're going to have to change the user to >>>> have >>>>>> that group too), then change permissions to something like 770 >>>> for all >>>>>> directories everywhere (or 775, or whatever) and 660 for all >>>> files. >>>>>> Done, supposedly ;-) >>>>>> >>>>>>> >>>>>>> Then finish up by installing configuring the vhost to use >>>> PHP-FPM. >>>>>>> >>>>>>> Any thought are much appreciated!! >>>>>>> >>>>>>> Keith >>>>>>> >>>>>>> >>>>>> --------------------------------------------------- >>>>>> PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org >>>>>> To subscribe, unsubscribe, or to change your mail settings: >>>>>> https://lists.phxlinux.org/mailman/listinfo/plug-discuss >>>>> --------------------------------------------------- >>>>> PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org >>>>> To subscribe, unsubscribe, or to change your mail settings: >>>>> https://lists.phxlinux.org/mailman/listinfo/plug-discuss >>>> --------------------------------------------------- >>>> PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org >>>> To subscribe, unsubscribe, or to change your mail settings: >>>> https://lists.phxlinux.org/mailman/listinfo/plug-discuss --------------------------------------------------- PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org To subscribe, unsubscribe, or to change your mail settings: https://lists.phxlinux.org/mailman/listinfo/plug-discuss